newsroom.yves-rocher.com

Issued by Gandi Standard SSL CA 2

About this certificate

This digital certificate with serial number 62:a4:0e:81:87:10:9b:e7:ad:d6:c4:6d:1f:b2:22:b1 was issued on by Gandi.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=newsroom.yves-rocher.com,OU=Domain Control Validated+OU=Gandi Standard SSL

Gandi

Organization: Gandi
State / Province: Paris
Locality: Paris
Country: FR

This certificate has expire since

Certificate Details

Serial Number (hex): 62:a4:0e:81:87:10:9b:e7:ad:d6:c4:6d:1f:b2:22:b1
Serial Number (int): 131116174487689438118662137687248609969
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId: 17:1d:55:08:fd:1c:25:a4:b9:df:55:f8:bd:ec:ea:0c:90:90:80:14
AuthorityKeyId: b3:90:a7:d8:c9:af:4e:cd:61:3c:9f:7c:ad:5d:7f:41:fd:69:30:ea

Fingerprint (sha1): d4:ba:fa:f4:2c:46:ee:94:75:b8:86:4c:d6:91:c4:1a:c6:d6:41:1e
Fingerprint (sha256): 4e:f4:df:13:0b:f1:a0:41:4a:f8:4b:29:a9:e1:5b:61:11:f5:7f:27:d9:4d:9c:9c:0c:f9:9d:a8:4d:68:ed:81

Issuing Certificate URL: http://crt.usertrust.com/GandiStandardSSLCA2.crt

Revocation information

OCSP Server: http://ocsp.usertrust.com
CRL Distribution Point: http://crl.usertrust.com/GandiStandardSSLCA2.crl

Check the revocation status for certificate newsroom.yves-rocher.com

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for newsroom.yves-rocher.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

newsroom.yves-rocher.com
www.newsroom.yves-rocher.com

Other certificates including the domain name yves-rocher.com

(limited to 100 certificates)
services.yves-rocher.com
medianet.yves-rocher.com
san-11-s50.tlsprovisioning.exacttarget.com
san-11-s50.tlsprovisioning.exacttarget.com
san-11-s50.tlsprovisioning.exacttarget.com
abspace-re7.yves-rocher.com
san-11-s50.tlsprovisioning.exacttarget.com
san-11-s50.tlsprovisioning.exacttarget.com
incapsula.com
www.yves-rocher.fr
www.yves-rocher.com
eimv3-statics.yves-rocher.com
www.yves-rocher.com
birdplan.yves-rocher.com
san-16-s50.tlsprovisioning.exacttarget.com
admin-rec.easy-ext.yves-rocher.com
sec.yr-fr-rec1.easy-ext.yves-rocher.com
*.yves-rocher.com
www.yves-rocher.fr
www.yves-rocher.com
dyrectperso.yves-rocher.com
san-16-s50.tlsprovisioning.exacttarget.com
imperva.com
san-11-s50.tlsprovisioning.exacttarget.com
san-11-s50.tlsprovisioning.exacttarget.com
san-11-s50.tlsprovisioning.exacttarget.com
pim.yves-rocher.com
secure-vpci.yves-rocher.com
secure-vpci.yves-rocher.com
incapsula.com
dyrectperso.yves-rocher.com
incapsula.com
specif-ac.yves-rocher.com
www-npe.yves-rocher.com
incapsula.com
incapsula.com
incapsula.com
dyrectperso.yves-rocher.com
san-16-s50.tlsprovisioning.exacttarget.com
www-npe.yves-rocher.com
san-11-s50.tlsprovisioning.exacttarget.com
san-11-s50.tlsprovisioning.exacttarget.com
sec.yr-fr-rec1.easy-ext.yves-rocher.com
secure-vpci.yves-rocher.com
myreport.yves-rocher.com
san-11-s50.tlsprovisioning.exacttarget.com
san-11-s50.tlsprovisioning.exacttarget.com
san-11-s50.tlsprovisioning.exacttarget.com
www.yves-rocher.com
san-11-s50.tlsprovisioning.exacttarget.com
san-11-s50.tlsprovisioning.exacttarget.com
incapsula.com
san-11-s50.tlsprovisioning.exacttarget.com
services.yves-rocher.com
imperva.com
san-16-s50.tlsprovisioning.exacttarget.com
san-11-s50.tlsprovisioning.exacttarget.com
*.statics-easy-ext.yves-rocher.com
san-11-s50.tlsprovisioning.exacttarget.com
san-16-s50.tlsprovisioning.exacttarget.com
*.yves-rocher.com
dyrectperso.yves-rocher.com
pim.yves-rocher.com
dyrectperso.yves-rocher.com
san-11-s50.tlsprovisioning.exacttarget.com
san-11-s50.tlsprovisioning.exacttarget.com
medianet.yves-rocher.com
admin-rec.easy-ext.yves-rocher.com
*.yves-rocher.com
ftp-pao.yves-rocher.com
*.yves-rocher.com
services.yves-rocher.com
incapsula.com
samy.yves-rocher.com
newsroom.yves-rocher.com
www.yves-rocher.fr
dyrectperso.yves-rocher.com
services.yves-rocher.com
specif-ac.yves-rocher.com
san-11-s50.tlsprovisioning.exacttarget.com
www.yves-rocher.com
dyrectperso.yves-rocher.com
newsroom.yves-rocher.com
www-npe.yves-rocher.com
dkb.yves-rocher.com
san-11-s50.tlsprovisioning.exacttarget.com
pim.yves-rocher.com
specif-ac.yves-rocher.com
*.yves-rocher.com
flow.yves-rocher.com
san-11-s50.tlsprovisioning.exacttarget.com
*.yves-rocher.com
portailmag-rec.yves-rocher.com
*.dev-spark-ext.yves-rocher.com
san-11-s50.tlsprovisioning.exacttarget.com
services.yves-rocher.com
san-11-s50.tlsprovisioning.exacttarget.com
specif-ac.yves-rocher.com
san-11-s50.tlsprovisioning.exacttarget.com
san-11-s50.tlsprovisioning.exacttarget.com

Certificate

The complete raw certificate details for newsroom.yves-rocher.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGHzCCBQegAwIBAgIQYqQOgYcQm+et1sRtH7IisTANBgkqhkiG9w0BAQsFADBf
MQswCQYDVQQGEwJGUjEOMAwGA1UECBMFUGFyaXMxDjAMBgNVBAcTBVBhcmlzMQ4w
DAYDVQQKEwVHYW5kaTEgMB4GA1UEAxMXR2FuZGkgU3RhbmRhcmQgU1NMIENBIDIw
HhcNMTkwMzA0MDAwMDAwWhcNMjAwMzA3MjM1OTU5WjBjMSEwHwYDVQQLExhEb21h
aW4gQ29udHJvbCBWYWxpZGF0ZWQxGzAZBgNVBAsTEkdhbmRpIFN0YW5kYXJkIFNT
TDEhMB8GA1UEAxMYbmV3c3Jvb20ueXZlcy1yb2NoZXIuY29tMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwmIn+U/HfvOEOmO9h6iZ7qqUxIgGyTY2qESc
fb71y+aoSLSqRqZgsR9xNNYYARbuQ/BW3xHk+KYvfYoxYOK72Ev0qAw2w0Oerh0V
p91R2Ch9oCUZAJEm/eu07FQEMoDcx34pNPqgCFIik80bz9tWweHXtgtQdCQH9YNb
zFo+rJWqO0LjUsSUd9Ku74AELVPmFy/O9VmSOPTZ9hreINnKyUsJACSPAR4U0YNm
npDwSE4327+IabUIHFglhAsr+J+0c2Fi47f1J/c9W1TbAn/wWoDdRYPugsH6Lj8F
ZhWnlncKKdfDVW99UOBqOgacnHW4gW6eWQPRpyOFSz9HbzHdywIDAQABo4IC0TCC
As0wHwYDVR0jBBgwFoAUs5Cn2MmvTs1hPJ98rV1/Qf1pMOowHQYDVR0OBBYEFBcd
VQj9HCWkud9V+L3s6gyQkIAUMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAA
MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBLBgNVHSAERDBCMDYGCysG
AQQBsjEBAgIaMCcwJQYIKwYBBQUHAgEWGWh0dHBzOi8vY3BzLnVzZXJ0cnVzdC5j
b20wCAYGZ4EMAQIBMEEGA1UdHwQ6MDgwNqA0oDKGMGh0dHA6Ly9jcmwudXNlcnRy
dXN0LmNvbS9HYW5kaVN0YW5kYXJkU1NMQ0EyLmNybDBzBggrBgEFBQcBAQRnMGUw
PAYIKwYBBQUHMAKGMGh0dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9HYW5kaVN0YW5k
YXJkU1NMQ0EyLmNydDAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRydXN0
LmNvbTBBBgNVHREEOjA4ghhuZXdzcm9vbS55dmVzLXJvY2hlci5jb22CHHd3dy5u
ZXdzcm9vbS55dmVzLXJvY2hlci5jb20wggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAA
dgC72d+8H4pxtZOUI5eqkntHOFeVCqtS6BqQlmQ2jh7RhQAAAWlIbV8IAAAEAwBH
MEUCIQDvU8J+A3+l+gWIuWMaPPkA2uHdgwy0Aj1fmilTQnoL3gIgIR+ThbqbdSOS
NglFHKZzI1TbbBzeDAauQ2ShGDQDxygAdgBep3P531bA57U2SH3QSeAyepGaDISh
EhKEGHWWgXFFWAAAAWlIbV9GAAAEAwBHMEUCIQCw5DsPwceuSMY8DRt8lO4r196z
XTfwVZSqrhJpu+FOuAIgXfnuAOPPgWIaoivC2NT/a0EUcTEArVJN1iA1kf9bD6Yw
DQYJKoZIhvcNAQELBQADggEBAEZUMJ3qol7ttVbZqcjouB0RXDZxU0Md61e1cJ3O
fNOPeQ/T4/pALvghKACgAgB0xRkdwGzjm9gXZCjtWDrf8JiZHTsBp8GOPCvgbaUC
5DVotiI2mPpDzoCQgaxlVtZ25DI7OS+Di2YVXfhEC3mVpK0Vgg63QDU5pdESvTNH
RAHIaeRNkxd1cYvVCjoF8AtgN4ndzwQVhODvTaEjufuVEr5fRmfTxln+qNi8LCBy
zpCHG3t1YvKmw3FElMDJ8z9lBLaEKTFhrptR/bxG09yNIG7uVcSbNd48sJiCY/a4
1u2+zwoUNH3B8qTJZE14WhJRkvjgBCdGuKtxRuOyxyO4llo=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwmIn+U/HfvOEOmO9h6iZ
7qqUxIgGyTY2qEScfb71y+aoSLSqRqZgsR9xNNYYARbuQ/BW3xHk+KYvfYoxYOK7
2Ev0qAw2w0Oerh0Vp91R2Ch9oCUZAJEm/eu07FQEMoDcx34pNPqgCFIik80bz9tW
weHXtgtQdCQH9YNbzFo+rJWqO0LjUsSUd9Ku74AELVPmFy/O9VmSOPTZ9hreINnK
yUsJACSPAR4U0YNmnpDwSE4327+IabUIHFglhAsr+J+0c2Fi47f1J/c9W1TbAn/w
WoDdRYPugsH6Lj8FZhWnlncKKdfDVW99UOBqOgacnHW4gW6eWQPRpyOFSz9HbzHd
ywIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 131116174487689438118662137687248609969
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FR'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Paris'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Paris'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Gandi'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Gandi Standard SSL CA 2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-03-04 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-07 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Control Validated'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Gandi Standard SSL'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'newsroom.yves-rocher.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24538633763956034405089108242593254940244305477002595985761214539078508511153631385396768435761543406860590159709379260065729038542145920659018575621576612938161655185051124772901869128199585141318831576093910404385037895694431393149979496430470815578294496182865634381888416805483492625207885934945188127624244422036866843549106033667907352929326823025486177806133401535849772130659017876919335976650084627133229829884528703221946140161377302097410250552026542459632052093295001097218826980185301524629199220972278820802408604006312475290176477319876620493879405169147918750571716590648358037295698601605117726809547
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName b390a7d8c9af4ecd613c9f7cad5d7f41fd6930ea
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							171d5508fd1c25a4b9df55f8bdecea0c90908014
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (68 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.26
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://cps.usertrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (58 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.usertrust.com/GandiStandardSSLCA2.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (103 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.usertrust.com/GandiStandardSSLCA2.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.usertrust.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (58 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'newsroom.yves-rocher.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.newsroom.yves-rocher.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007600bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed18500000169486d5f080000040300473045022100ef53c27e037fa5fa0588b9631a3cf900dae1dd830cb4023d5f9a2953427a0bde0220211f9385ba9b7523923609451ca6732354db6c1cde0c06ae4364a1183403c7280076005ea773f9df56c0e7b536487dd049e0327a919a0c84a11212841875968171455800000169486d5f460000040300473045022100b0e43b0fc1c7ae48c63c0d1b7c94ee2bd7deb35d37f05594aaae1269bbe14eb802205df9ee00e3cf81621aa22bc2d8d4ff6b4114713100ad524dd6203591ff5b0fa6
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		004654309deaa25eedb556d9a9c8e8b81d115c367153431deb57b5709dce7cd38f790fd3e3fa402ef8212800a0020074c5191dc06ce39bd8176428ed583adff098991d3b01a7c18e3c2be06da502e43568b6223698fa43ce809081ac6556d676e4323b392f838b66155df8440b7995a4ad15820eb7403539a5d112bd33474401c869e44d931775718bd50a3a05f00b603789ddcf041584e0ef4da123b9fb9512be5f4667d3c659fea8d8bc2c2072ce90871b7b7562f2a6c3714494c0c9f33f6504b684293161ae9b51fdbc46d3dc8d206eee55c49b35de3cb0988263f6b8d6edbecf0a14347dc1f2a4c9644d785a125192f8e0042746b8ab7146e3b2c723b8965a